The Swiss-based company Dreamlab Technologies has shown that it is possible to capture and decrypt keystrokes, meaning that user names, passwords, bank details or confidential correspondence can be very easily eavesdropped. According to their press release, they found a way
The guys from the ha.ckers.org web application security lab recently published ways to bypass browser proxies and de-anonymize Tor. Well,
Yet another SQL injection sheet for MySQL, Microsoft SQL Server, Oracle and PostgreSQL databases from
Security Monkey shows a clever real example of how easy it can be to attack horny eBay visitors. His 5-step action plan is:
WordPress security warning! “If you downloaded WordPress 2.1.1 from wordpress.org within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately”. Please check
Upgrading to WordPress 2.1.1 was urgent, but we still have SQL injections, path disclosures and cross-site scripting problems in this version! My colleague Sebastian Krause has some examples:
I know, no news, but this British TV report shows how ATM skimming works, and they have some real devices too.
Remember the Ultimate Firewall of Marcus J. Ranum? He built a new version, inspired by PowerPoint icons from firewall vendor presentations. So true. Well kids, don’t try this in your DMZ or backyard
I was wondering if they know the “secret” code (in German) behind the licence plate?